Windows Host Files problem

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Strider29, Sep 23, 2005.

  1. Strider29

    Strider29 Private E-2

    I had a problem with WinMixer and vturt.dll and typed in the program name in Google and found this site. Somebody had posted instructions on this board telling someone how to get rid of it. I followed them and so far so good; it's worked. I thought doing that would have also solved my host files problem. I run Microsoft Anti-Spyware and check there and I've got maybe 100 things listed there including "ad.adsmart.net". A friend told me to copy the original host file text from I316 (might've gotten the numbers wrong, but you know the folder I'm talking about) and paste it into the one in System32/drivers/etc, then use the Spybot options in IE Tweak and Resident to make sure it doesn't get hijacked. I do that but the same problem keeps coming back. I'll fix the text and have only "localhost" there, but the next day, the junk is back. What should I do?

    Thanks in advance for the help (and for the WinMixer directions).
     
  2. Strider29

    Strider29 Private E-2

    Also, I just checked add/remove programs and I see something I don't remember noticing before. It's "Python 2.2.3" and "Python 2.2 pywin32 extensions (build 203)". The latter has a link that reads "click here for support information" and in there is a URL to their website. I clicked it and ZoneAlarm popped up asking permission for a .dll and I clicked deny. That looks suspicious. Does anyone know about this?
     
  3. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Python is a Programming Script Language and is a Legit program; you had to have installed a Program that requires the Python Runtime.

    Download HOSTER and then follow the below steps.
    • Unzip Hoster to a convenient folder such as C:\Hoster
    • Run Hoster.exe, click Restore Original Hosts and then click OK.
    • Click the X to exit the program
    Please follow the steps below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps below:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like Notepad, WordPad, MS Word etc., and any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
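
A hosts file can carry two very different kinds of extra entries: names pointed at loopback or 0.0.0.0, which block the name, and names pointed at a routable address, which redirect it. The script below is an added example, not part of the thread or of any tool named in it; it classifies each mapping so the two kinds can be told apart before a hosts file is reset. The function names and the sample file are constructed for illustration.

```python
import ipaddress
from collections import Counter, namedtuple

Entry = namedtuple("Entry", "line_no address hostname verdict")
DEFAULT_NAMES = {"localhost"}  # names expected in an untouched hosts file

def classify_hosts(text):
    """Return one Entry per hostname mapping found in hosts-file text.

    default   - localhost on a loopback address
    sinkhole  - any other name sent to loopback or 0.0.0.0 (a block entry)
    redirect  - a name sent to a routable address (needs investigating)
    malformed - the first field is not an IP address
    """
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # strip comments and padding
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            entries.append(Entry(line_no, fields[0], " ".join(fields[1:]), "malformed"))
            continue
        local_only = addr.is_loopback or addr.is_unspecified
        for name in fields[1:]:  # one line may map several names
            name = name.lower()
            if local_only and name in DEFAULT_NAMES:
                verdict = "default"
            elif local_only:
                verdict = "sinkhole"
            else:
                verdict = "redirect"
            entries.append(Entry(line_no, str(addr), name, verdict))
    return entries

def summarize(entries):
    """Count entries per verdict."""
    return Counter(e.verdict for e in entries)

# Constructed sample; on Windows the real file is
# %SystemRoot%\System32\drivers\etc\hosts
SAMPLE = """\
127.0.0.1       localhost
127.0.0.1       ad.adsmart.net            # block-style entry
0.0.0.0         ads.example.test tracker.example.test
203.0.113.10    www.example.com           # routable target
not-an-ip       broken.example
"""

if __name__ == "__main__":
    for entry in classify_hosts(SAMPLE):
        print(entry)
    print(dict(summarize(classify_hosts(SAMPLE))))
```

Entries reported as `redirect` or `malformed` are the ones to look at first; a long run of `sinkhole` entries is what blocklist-style hosts protection looks like.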
     
  4. Strider29

    Strider29 Private E-2

    Thanks a lot. I haven't done anything yet (it's 2:50 AM) but I'm going to follow the steps tomorrow.
     
  5. Strider29

    Strider29 Private E-2

    Attached Files:

  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Have HJT fix the following:
    Now we need to Reset Web Settings:
    1) If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.

    2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.

    Reboot and post a fresh HJT log as an attachment.

    3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Note to SPD,

    Multiple AVs and HJT installed improperly!
     
  8. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You're correct, I blew right past that.

    You have 2 Anti-Virus Programs installed; pick one and uninstall the other.

    You also have 2 firewalls installed; pick one and uninstall the other.

    HijackThis is not installed as requested; please install it to a safer location such as C:\Program Files\HJT. Correct this before you run HJT and post your new log.
     
  9. Strider29

    Strider29 Private E-2

    I uninstalled Norton and kept AVG.

    btw - Whenever I start Windows, I get a pop-up box for new hardware found. When I try to proceed, it's something about AVG and it never connects. Do you know what that is or if it's a problem?

    And thanks for all the help. My computer is already running faster.
     

    Attached Files:

  10. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You may have to uninstall AVG and then reinstall it.
     
  11. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You have the Symantec Security Center installed and running. You can uninstall this as it is not a necessary service.

    Your HJT log is clean. What issues, if any, are you still having?
     
  12. Strider29

    Strider29 Private E-2

    Everything seems to be running smoothly but after I restarted (after updating ZoneAlarm), Trend Micro opened and said there were changes in ActiveX programs (they were the 2 online scans you told me to do) and the other was about the browser. A bunch of stuff that looked fishy so I clicked "deny" on those. Just now I checked the log because I figured you could get more from that than me talking about it. The file is too big to be uploaded (it's 130 KB). Since it's not HJT, am I allowed to post the text?
     
  13. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Just copy and paste the pertinent parts of the log.
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is a good reason to make use of utilities like WinZip.

    Long inline logs of any type cause thread clutter.
     
  15. Strider29

    Strider29 Private E-2

    Here it is.
     

    Attached Files:

  16. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    That's Bitdefender and RAV online stuff. Post a fresh HJT log.
     
  17. Strider29

    Strider29 Private E-2

    I'm also getting an error message when trying to run Azureus. It reads "ERROR: socket Selector.open() failed 10 times, aborting. Something is very wrong!!!" The program opens but I get a connection error on the torrents.
     

    Attached Files:

  18. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Your log is malware free, this is a software issue. Try reinstalling Azureus.
     
  19. Strider29

    Strider29 Private E-2

    It's still not working. Any suggestions for other torrent programs? I prefer BitComet (loads faster and has less crap with it) but that doesn't work with some sites.
     
  20. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Actually the log is the output from Trend Micro Anti-Spyware.

    It appears to be full of false positives. I did not look at every line. But based on what I see, I would say that program is not ready for prime time use yet. They do not know the difference between what is in the registry to block malware and what is really malware.
     
  22. Strider29

    Strider29 Private E-2

    I read that page and checked some of the links, but I've gotta go to sleep. I'll check it out tomorrow.

    Again, thanks for the help and infinite patience.
     
  23. Strider29

    Strider29 Private E-2

    Nope, it didn't work. I opened Azureus and did the NAT/Firewall test. I got "Testing port 6881 ... Unable to test: Invalid port given, or test service failed. Another application may already be using this port."

    I don't know if that's the problem. I'm wondering if it's a ZoneAlarm thing. Since updating (re-installing it), programs no longer ask for permission before opening. Now after I double-click Azureus, the ZA box doesn't pop up and the program takes 2 minutes to start, then I get the error message. How do I change that?
     
  24. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    This is more an issue for the software forum. If you post there, I'm positive you will get excellent help sorting it out.
     
  25. Strider29

    Strider29 Private E-2

    OK. Thanks for the help you've given me thus far.
     
